DigiCert, a provider of scalable TLS/SSL and PKI solutions, was facing challenges in securing their AWS environment. They were already using Imperva’s SaaS Web Application Firewall (WAF) to protect their on-premises applications, but their existing DDoS mitigation solution on AWS was not satisfactory. The solution was excessively scrubbing traffic and blocking legitimate traffic. As DigiCert's business is subjected to daily attacks, they needed a robust security solution that could manage risk, monitor all traffic, rapidly identify threats, and only allow valid traffic to access their applications. They wanted a solution from a single provider that could deliver both WAF protection and DDoS mitigation across their entire hybrid environment. The solution also needed to lower false positives, assure rapid response to minimize potential business interruption, and automate as much of the security process as possible due to time and resource constraints.

The customer, a leading global IT services provider, was seeking to enhance its security credentials to win a lucrative contract with a major North American financial institution. The challenge was to restrict access to sensitive data and improve the protection of customer information. The customer also needed to comply with consultant security policies in training, development, and testing environments, and establish greater controls for alternative development opportunities like offshore initiatives. Furthermore, the financial institution required a solution that could achieve secure, realistic data reproduction and integrated masking across multiple database types and applications.

Scoot Airlines, a low-cost arm of the Singapore Airlines Group, was facing a significant challenge with bad bots abusing their booking engine. Unauthorized OTAs, competitors, and meta search sites were using sophisticated web scraping bots to exploit the business logic of Scoot’s booking engine. This led to skewed look-to-book ratios and site slowdowns. The bot traffic was also depriving legitimate customers of the opportunity to book air travel on Scoot’s website. Furthermore, Scoot was dealing with a high volume of traffic due to novice software development practices at its travel partners. The bot traffic was causing slowdowns across passenger-facing systems, including flight check-ins, which could trigger delays in departure times. The bot incidents were also impacting staff resources across multiple departments.

Betfred, the 4th largest bookmaker in the UK, was facing a significant proportion of bad bot traffic on its domains, with the volume of bad bots reaching as high as 87% of all web traffic. This was causing a strain on the IT team and wasting bandwidth and infrastructure resources. The company was also dealing with a high frequency of account takeover attacks, with up to 30 brute force credential stuffing attacks on login pages in a month. The backend systems were constantly busy, and the CPU utilization of their IPS/IDS was around 40% dealing with normal traffic. The company also faced issues with inconsistent mitigation strategies, stretched thin team resources, aggressive unauthorized scraping of betting odds, and vulnerability scans looking for weaknesses. The bot problem was one that Betfred tried to tackle internally, using other tools like their DDoS, WAF and IPS/IDS. But soon realized those tools were not built to deal with sophisticated bot operators who could easily circumvent traditional security solutions.

Accor North America, a Dallas-based hotel company operating more than 1,200 hotels, was facing a significant challenge with its online reservations system. Despite having multiple layers of defense, including Secure Sockets Layer (SSL) encryption, the company was concerned about the potential for SSL to be exploited by malicious hackers. SSL, while excellent for protecting consumer information, could also provide a cover for hackers trying to infiltrate the system. More than half of Accor's reservations were made through the web, making the security of this system crucial. The company had an intrusion-prevention system and a perimeter firewall in place, along with standard server hardening techniques. However, the potential vulnerability of the SSL tunnel was a significant concern.

The Tokyo Institute of Technology, Japan’s leading science and technology university, was facing significant security threats to the content of nearly 400 websites operated by its on-campus hosting service. The university's Global Scientific Information and Computing Center (GSIC) department, responsible for managing and maintaining the institute’s IT environments, was under constant attack. With limited security professional resources within the department, the university was in dire need of a robust, easy-to-deploy solution that could effectively protect their web content. The challenge was further compounded by the extensive incident response workload of the security management team and the limited human resources of the security operation team.

The Israel Ministry of Finance e-Government Initiative, also known as the Tehila project, was faced with the challenge of protecting sensitive applications and data from cyber-terror attacks while ensuring 24/7 access for visitors. The project was responsible for providing all government ministries and institutions with secure Internet services. The primary motive was to prevent cyber-terror attacks on sensitive applications and data. Tehila hosts and secures dozens of government web applications and needed to build a secure platform for these applications and data to appear on the Internet. Before Tehila, the sites were hosted by private ISPs at a very low security level and some were breached. The solution needed to be easy to deploy, not burden the staff with excessive maintenance, and provide reporting with a view into what was happening in their applications.

DigiCert, a leading provider of scalable identity and encryption solutions, was already using Imperva’s SaaS Web Application Firewall (WAF) to protect their on-premises applications when they began migrating some of their workloads to Amazon Web Services (AWS). However, they were not satisfied with their existing DDoS mitigation solution on AWS, as it excessively scrubbed traffic and often blocked legitimate traffic. As DigiCert's usage of AWS grew, they realized the need for a new security solution that could manage risk, monitor all traffic, rapidly identify threats, and only allow valid traffic to access their applications. They wanted a solution from a single provider that could deliver both WAF protection and DDoS mitigation across their entire hybrid environment. The solution also needed to lower false positives, assure rapid response to minimize potential business interruption, and automate as much of the security process as possible due to time and resource constraints.

The customer, a major US Financial Services Provider, part of a Global Fortune 500 Company, was facing several challenges in securing its trading environment. The company needed clear visibility into its database traffic to monitor activity and identify risks. It was crucial to secure customer data and transactions within the online trading environment. The company also needed to ensure the high performance and availability of the database and services that actively support online trading processes. The company was also looking to automate compliance and reporting capabilities for regulatory standards such as GLBA, HIPAA, HiTECH, FISMA, SCC, SOX, ISO 27001 and the NIST Cybersecurity Framework. Protecting sensitive customer and trading information from insider abuse was another challenge. The company also needed to control access to cloud apps and confidential client information, including rich policy enforcement and IP address whitelisting. Lastly, the company needed to prevent DDoS / DNS attacks from compromising the client website.

One of Europe’s largest independent online beauty retailers was facing a serious issue with web scraping. The retailer suspected that its competitors were using advanced bots to scrape pricing and inventory data from its website, allowing them to match prices and products quickly. The retailer noticed that a lot of its traffic was not from real users but from competitors spying on them. The reaction time to changes made on their website was too quick to be human, indicating the use of bots. The retailer's solutions developer found a lot of bot traffic on the site, some of which could be traced back to the static IP of their competitors’ offices. Initially, the retailer tried to block the bad bots manually, but this turned into an endless game of whack-a-mole as the bots started spoofing the headers and it became difficult to determine whether an address was genuine or not. The task became more and more time-consuming, and soon they were spending a day and a half every week checking for bots.

vli Limited, a UK-based company that develops and manages innovative web-based solutions, faced a significant challenge in securing its hosted web application platforms. With a customer base of around 100, all of vli’s servers were co-hosted at a data centre operated by a third-party provider. While managed firewalls were already deployed at the data centre, vli had not yet implemented a Web application firewall solution. The company was particularly concerned about SQL injection, a common form of automated application attack that could potentially pose a significant threat to their critical infrastructure. The company's expansion plan for 2009, which involved aggressively targeting the SME market and increasing the number of platforms hosted by them, further compounded the issue. vli needed a robust security solution that could secure their entire legacy, current, and future code, and be fully interoperable with other layers of security architecture.

Drupal.org, a community of over a million developers, designers, trainers, strategists, coordinators, editors, and sponsors, faced a significant challenge with spam. Spammers created bogus accounts to post junk content on Drupal.org's website, which has a highly coveted Google PageRank of 9. This spam was damaging to the Drupal brand and risked lowering its PageRank value. The spam was not automated but posted by actual people, making it harder to mitigate. The staff and community volunteers had to spend considerable time manually identifying and removing spam, with some spending up to half their workday on this task. Additionally, the spammer accounts skewed the community engagement metrics, making it hard to gauge the actual growth and engagement of the community. The spam also took up unnecessary space in the database and backups.

Covelli Enterprises, the largest franchisee of Panera Breads and O’Charley’s restaurants, was facing a significant challenge with its web security. Despite maintaining a low online profile, the company's web servers were consistently targeted by IP addresses from foreign countries. These servers housed sensitive data, including web-based email accounts, company reports, and business intelligence. The potential exploitation of these servers could lead to consumers being lured with malicious web advertising. Covelli's initial solution, an IPS system, proved insufficient as there were numerous ways to bypass it. The company needed a more robust solution to block attacks from known malicious users, monitor web application traffic, block web page and malware injection, and prevent unauthorized access to specific web servers.

A leading bank in the Asia-Pacific region was faced with the challenge of meeting the Internet Banking Technology Risk Management (IBTRM) requirements. These requirements necessitated the bank to closely supervise and log database activities performed by privileged users. The bank operates over 1500 mission-critical databases, distributed across seven different nations, making it crucial to deploy a solution that can scale to monitor and audit all databases, in all locations. Centralized management was key for enforcement, efficient management, and on-going maintenance. The bank was also concerned about the impact a monitoring solution would have on database performance, hence needed to ensure a low impact solution that would not compromise the availability of its financial systems. IBTRM also required the bank to limit privileged access based on “need-to-know.” Reviewing and managing access privileges across 1500 databases mandated the bank to implement an automated solution for aggregating and analyzing access privileges. For enforcing configuration policies and patch levels the bank needed a quick, automated way to scan databases, find misconfigurations and identify missing patches. Lastly, the bank needed to ensure proper incident management and response.

Frontier Airlines, a low-cost air carrier, was facing a significant challenge with its online booking engine. The company noticed a higher than expected look-to-book ratio, indicating that many website visitors were viewing flights but not making purchases. Upon further investigation, it was discovered that 50 to 60% of the traffic was not legitimate but was generated by bot operators scraping pricing data and artificially inflating the look-to-book ratio. This influx of bots not only skewed Frontier’s ratio but also resulted in potentially large overage fees as the company partners with a third-party reservation system that requires it to meet a certain look-to-book ratio. Additionally, the bot visits skewed site analytics, hindering the company’s ability to optimize the customer journey and maximize both revenue and customer experience. Frontier’s previous attempts to combat bots, such as manual IP blocking, proved to be time-consuming and ineffective as bot sophistication had dramatically increased.

TicketNetwork, a rapidly growing online ticket exchange platform, faced significant security challenges due to the nature of its business. The company, which facilitates transactions for third-party ticket sellers and buyers, is a prime target for hackers due to the high volume of credit card transactions it processes. As a Level 1 Service Provider, maintaining PCI compliance was a major corporate initiative for TicketNetwork. Despite not having experienced any data breaches, the company was keen to ensure that its security measures were robust and effective. Additionally, the company needed a solution that could handle massive traffic, block malicious IP addresses, and be deployed quickly for immediate compliance and security.

LeoVegas, a rapidly growing mobile gaming company, was committed to creating the ultimate mobile gaming experience for its players. This commitment involved ongoing efforts to improve the security, availability, and performance of its website, which directly impacted the company's bottom line. A key business requirement was reducing the risk of a DDoS attack against the website, a prevalent issue in the gaming industry often initiated by disgruntled players. Although LeoVegas had not yet been targeted, the company believed it was only a matter of time given its growth and industry position. To protect against service disruption, LeoVegas sought an always-on DDoS mitigation solution that would not add latency to overall website performance. As the company expanded into more countries and markets, regulatory compliance became a top concern. Each country required more audits and had different compliance issues that needed to be addressed. LeoVegas required a security solution that could support automated compliance reports and meet PCI-level standards. Additionally, the company sought a solution that could provide better visibility into its website traffic for marketing purposes.

The North American insurance company, with a history of 150 years, was facing a significant shift in its security strategy. As the company grew, so did the pressures of regulations and customer expectations, leading to a shift from compliance to security use cases. The company's customers were increasingly considering their own potential risks when determining what insurance services to use. This, combined with the added complexity of regulations such as GDPR, CCPA, and NYFDS, and the very visible data breaches in the news, made it critical for the company to stay ahead of it. The company was using IBM Guardium™ Database Activity Monitoring (DAM) for data compliance and governance. However, the new security emphasis created a significant focus on proactively managing the detection and prevention of unauthorized activities around sensitive data. This led to a re-evaluation of the IBM Guardium™ tool for its data security potential. The company needed a solution that could cover additional databases that Guardium™ did not support, eliminate the manual labor that traditionally comes with security incident response, and provide easy access to long-term audit information for reporting and forensic investigation.

A leading global bank, operating in over 40 countries and serving over 38 million customers, was facing significant challenges in meeting key regulatory requirements such as the Monetary Authority of Singapore Technology Risk Management (MAS TRM), Reserve Bank of India (RBI) Guidelines, and Sarbanes-Oxley Act (SOX). The bank was using built-in auditing capabilities included with their databases to meet these requirements. However, these tools proved to be costly and unreliable, consuming 20% of their database processing power, requiring additional hardware and software purchases, and necessitating extra storage space for the massive volume of log data being collected. The bank also had to increase its IT headcount to manage the auditing system and run audit reports. The bank estimated that to make their in-house solution work effectively, it would cost them at least $100 million. Furthermore, the bank failed an audit due to their inability to produce consistent and repeatable audit reports that satisfied the different regulations.

A leading research university in the U.S. was seeking a robust security solution for their SharePoint system to protect it from both internal and external threats. The university, like many other higher education institutions, was focused on maintaining compliance with regulations such as FERPA, PCI, and HIPAA, and ensuring the security of their online presence. The Information Technology group at the university was responsible for securing the websites for the revenue-generating departments on campus. They used Microsoft SharePoint for their intranet portals and hosted public-facing websites for various services like student housing, campus parking, the university bookstore, dining programs, and more. These sites served as self-service commerce portals for its 30,000 undergraduate and graduate students, necessitating deeper security assurance and greater visibility into the SharePoint environment. The university wanted to better understand the SharePoint security posture of both its external and internal deployments. They found that native SharePoint lacked the necessary security capabilities to protect a web-facing deployment that housed sensitive data like financial information, personal health information (PHI), and personally identifiable information (PII).

A leading online education services provider in the United States faced a significant challenge in protecting the Personally Identifiable Information (PII) of its students in non-production environments. These environments included application development, testing, and training, which required the use of student data. The challenge was to find a solution that could securely de-identify student information before sharing it for these purposes. The need for such a solution was driven not only by the priority of ensuring the security of student information but also by the need to comply with the Family Educational Rights and Protection Act (FERPA). The client was also under pressure to maintain the integrity of its brand and uphold a track record of secure student data. The ideal solution needed to be time and resource-efficient, support the complexity of their underlying data, and mask it intelligently so that the end result looks and acts like the original data. The client also sought a vendor with a strong consulting practice to leverage data masking experts and accelerate the project.

The client, a global aerospace and defense organization, faced a significant challenge in enhancing the privacy and security of its database testing to safeguard all copies of live data within the organization. As one of the largest U.S. exporters, the company needed to maintain reliable data controls to protect its reputation and the interests of its customers, vendors, and employees. The client's goal was to find a data masking solution that would improve security without compromising the efficiency of database projects that included software development, integration testing, and offshoring. The challenge for Imperva was to ensure that the database copies were realistic for accurate testing and development, and to achieve secure and realistic data masking across multiple and varying data stores and complex applications.

A Fortune 500 IT services and business software company, with over 20,000 employees, provides data center hosting services for its own financial applications and for third-party web applications. Many of these applications are internet-facing and regulated by the Sarbanes-Oxley and Gramm-Leach-Bliley Acts, requiring the company to protect sensitive data. The company faced challenges in maintaining security due to the dynamic and highly-customized nature of its applications. Continual scanning of applications after every change was burdensome and required significant coordination between application developers and security engineers. The company needed a solution that would not impact release schedules, provide instant vulnerability remediation, and integrate seamlessly into their virtualized environment.

Datalex, a leading provider of a unified Digital Commerce Platform, was facing a significant challenge with bad actors scraping their customers' sites. This activity was diminishing SEO, luring away upsell and cross-sell opportunities, and increasing Global Distribution System (GDS) API pull costs. The travel industry, in which Datalex operates, is particularly vulnerable to such activities due to the valuable data available on their sites. Persistent scrapers were stealing content from travel sites, posting it on their own sites, and monitoring fare prices to undercut with lower fare offerings. One of Datalex's airline customers was being bombarded with deep-digging attacks, driving up backend payment costs. Even smaller customer sites were hit by bots multiple times a day, slowing them down or even taking them offline. Datalex had been using an anti-bot solution from F5 Networks, but it was proving ineffective in distinguishing good bots from bad ones and was burdensome to manage.

A leading North American life insurance company was grappling with the challenge of managing serious risks and ensuring compliance with regulatory standards. The company was struggling with the manual process of compliance proof and reporting, which was not only time-consuming but also prone to errors. The lack of automation in their processes was leading to inefficiencies and increased operational costs. The company was also unable to achieve 100% coverage of regulated data, which posed a significant risk to their operations. The challenge was to find a solution that could automate these processes, reduce expenses, and ensure comprehensive coverage of regulated data.

The healthcare organization, one of the largest nonprofit healthcare systems in the country, was faced with the challenge of protecting vast amounts of patient data. With over 400,000 people in the health system, the organization had to manage a sprawling environment that spanned structured data, unstructured data, and data stored in the cloud. The organization had to balance the clinicians’ needs for on-demand access to patient data against the risk of a data breach. In 2016, the organization embarked on a multiyear project to enhance the protection of patient data across the organization. However, a data security incident early in the project forced the organization to reevaluate its priorities.

A leading job site was facing several challenges due to unwanted bot activity on their platform. The site was being crawled by malicious bots, which were distorting web metrics and compromising the integrity of the site's traffic. This was particularly problematic as the site operates as an advertising platform for employers, making accurate traffic metrics crucial. The site's existing solutions, including a homegrown solution and utilities from their CDN, were only able to reactively block bots, not proactively prevent them. This meant that the team was unable to identify and block bots before they became a problem. Additionally, the unwanted bot traffic was consuming resources, driving up infrastructure costs, and negatively impacting the site's performance. The engineering team was also concerned about potential data theft by bots, and wanted to ensure they had complete control over their data.

e-Travel, a leading e-commerce travel specialist, was facing a significant challenge with web scraping bots. These bots, deployed by competitors and new entrants in the travel industry, were stealing e-Travel's data, including pricing information, and selling it to other competitors or auctioning it. This data theft was not only compromising the integrity of e-Travel's data but also straining its team and technical resources. The bots were scraping the sites so frequently that it was affecting the company's service quality. The company had to deploy additional resources to meet the bot demand, which was proving to be expensive. Additionally, the bots were skewing the company's look-to-book ratios and inflating advertising and GDS pull costs. The company's homegrown solution, 'Bot Hammer', was unable to keep up with the bots, and the bot problem persisted. In 2017, the company also faced a few denial of service attacks, adding to its operational challenges.

WMPH Vacations, a travel company specializing in cruise and resort vacations, was facing significant challenges with its network of 30 websites. The company's websites were under constant attack from hackers, competitors, unauthorized aggregators, and other malicious actors. The security threats included near-constant SQL injection attempts, aggressive price scraping, unauthorized vulnerability scanning, and spam. The form spam was particularly problematic as it polluted the company's backend systems, requiring managers to manually sift through forms to remove spam. Despite implementing CAPTCHAs and creating filters, these techniques proved ineffective and required constant maintenance. Additionally, web scraping was negatively impacting site performance, slowing response times, and affecting customer service and transactions with partners. The company was using AWS ELB to manually block IPs, but this was a never-ending task due to bot operators changing and masking IPs.

The European-based company, one of the largest prepared-food delivery chains on the continent, was facing a significant challenge in 2014. Cyberattacks on the company’s website were increasing in frequency and severity, leading to customer complaints and potentially damaging the company's reputation and market position. The company needed a solution to block the harmful traffic that was negatively impacting the customer ordering experience, while ensuring that legitimate eCommerce traffic continued to reach the website. The challenge was not only to protect the company's digital assets but also to maintain a seamless and efficient customer experience. The situation was further exacerbated during the pandemic, with an increase in food delivery orders and a simultaneous surge in cyberattacks.